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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 . 1 36(a). In no event, however, may a reply be timely filed 
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earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )£<] Responsive to communication(s) filed on 07 December 2007 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 
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4a) Of the above claim(s) 9-17,26-34,42-46 and 55-64 is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E3 Claim(s) 1-8,18-25,35-41 and 47-54 is/are rejected. 
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Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
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application from the International Bureau (PCT Rule 17.2(a)). 
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DETAILED ACTION 



1. Claims 1-54 are pending. 

Election/Restrictions 

2. Claims 9-17, 26-34, 42-46, and 55-64 are withdrawn from further consideration 
pursuant to 37 CFR 1.142(b), as being drawn to a nonelected invention, there being no 
allowable generic or linking claim. Applicant timely traversed the restriction (election) 
requirement in the reply filed on 6 March 2007. 

Response to Arguments 

3. Applicant's arguments have been considered but are moot in view of the new 
ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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4. Claims 1-5, 7-8, 18-22, 24-25, 40, 47-51, and 53-54 are rejected under 35 
U.S.C. 103(a) as being unpatentable over Drews US Patent No. 6,463,535 in view of 
IEEE Standard for Boot (Initialization Configuration) Firmware: Core Requirements and 
Practice (hereafter "IEEE") and Kozen "Efficient Code Certification." 

5. With regards to claims 1, 8, 18, 25, 40, 47, and 54, Drews teaches that upon 
power-up of a computer, retrieving boot code and a certificate from a remote device 
coupled to the computer (Drews, column 3 lines 7-25, downloads boot image and 
signed manifest over communication link), verifying with the computer, security of a boot 
code associated with a remote device by performing a security check on the boot code 
in accordance with a certificate (Drews, column 5 lines 32-60, signed manifest is 
accessible by the verification function, manifest is verified) and executing the boot code 
based on a result of the security check (Drews, column 5 lines 30-40, application image 
can be executed if verification function returns success). Drews fails to teach a 
description of the operation of the boot code being verified and the boot code being 
downloaded from a peripheral device. However, IEEE teaches downloading boot code 
from a peripheral device and executing the boot code on a peripheral device in 
response to a check of the boot code (IEEE, Page 2, plug in device driver,, page 12. 
section 2.5, boot device, page 23 Section 3.6) and providing, subsequent to the 
initialization, an interface by which the computer controls the peripheral device (IEEE, 
Page 2, plug in device driver, page 12 section 2.5, boot device, page 23 Section 3.6). 
Further, Kozen teaches a description of the operation of the boot code being verified 
(Kozen, pages 2-3, structured annotations that direct the verification process, verifier 
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checks set of conditions that are sufficient to imply desired safety properties). At the 
time the invention was made, it would have been obvious to a person of ordinary skill in 
the art to utilize IEEE's method of downloading boot code from a peripheral device and 
Kozen's method of verifying operation of a program because it offers the advantage of 
allowing ensuring that executable code downloaded from an untrusted source is safe to 
run (Kozen, page 2) and providing greater flexibility for computer peripherals because it 
removes the requirement that computers come preloaded with boot firmware for all . 
possible peripheral devices (IEEE, page 1). 

6. With regards to claims 2, 19, and 48, Crews as modified teaches verifying the 
security of the boot code includes verifying the boot code via Efficient Code Certification 
that specifies a process for performing the security check on the boot code as indicated 
by the certificate (Kozen, pages 2-3). 

7. With regards to claims 3, 20, and 49, Drews as modified teaches the certificate 
further indicates a type of security check to perform (Kozen, pages 2-3, directs 
verification process). 

8. With regards to claims 4, 21, and 50, Drews as modified teaches the type of 
security check comprises one of a security check to enforce type safety, a security 
check to enforce flow control safety, a security check to enforce memory safety, a 
security check to enforce stack safety, a security check to enforce device encapsulation, 
and a security check to enforce prevention of specific forms of harm (Kozen, page 3, 
control flow, memory, stack safety). 
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9. , With regards to claims 5, 22, and 51, Drews as modified teaches the bpot code 
includes boot firmware (Drews, column 3 lines 7-25, boot image). 

10. With regards to claims 7, 24, and 53, Drews as modified teaches verifying the 
safety of the boot code occurs inline such that verifying the safety of the boot code 
occurs in real time prior to executing the boot code (Drews, column 3 lines 7-25, pre- 
boot operation state). 

11. Claims 6, 23, and 52 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Drews US Patent No. 6,463,535, IEEE Standard for Boot 
(Initialization Configuration) Firmware: Core Requirements and Practice, and Kozen 
"Efficient Code Certification," as applied to claim 1 above, and in further view of Rudoff 
et al US Patent No. 6,263,378 

12. With regards to claims 6, 23, and 52, Drews as modified fails to teach the boot 
firmware conforms to the Open Firmware standard IEEE-1275. However, Rudoff 
teaches boot firmware conforming to the Open Firmware standard IEEE-1275 (Rudoff, 
Abstract). At the time the invention was made, it would have been obvious to a person 
of ordinary skill in the art to utilize Rudoff s method of using IEEE 1 275 because it offers 
the advantage of providing facilities for both debugging hardware and software and 
provides an industry standard (Rudoff, column 3 lines 10-30). 

13. Claims 35-41 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Drews US Patent No. 6,463,535, IEEE Standard for Boot (Initialization Configuration) 
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Firmware: Core Requirements and Practice in view of Kozen "Efficient Code 
Certification" and Ong US PGPub 2004/0177258. 

14. With regards to claim 35, Drews as modified teaches all that is described above 
•regarding claim 1, but fails to teach a peripheral device having a memory module 
wherein the memory module stores both a boot code and a certificate. However, Ong 
teaches a peripheral device having a memory module wherein the memory module 
stores a boot code and a certificate (Ong, paragraph 0025). At the time the invention 
was made, it would have been obvious to a person of ordinary skill in the art to utilize 
Ong's method of storing boot codes and certificates in a peripheral device because it 
offers the advantage of allowing the identification and verification of a peripheral 
component using its certificate to prove trust (Ong, paragraph 0028). 

15. With regards to claims 36, Drews as modified teaches verifying the security of 
the boot code includes verifying the boot code via Efficient Code Certification that 
specifies a process for performing the security check on the boot code as indicated by 
the certificate (Kozen, pages 2-3). 

16. With regards to claims 37, Drews as modified teaches the certificate further 
indicates a type of security check to perform (England, column 7 lines 18-46, 
component certificate, Kozen, pages 2-3). 

17. With regards to claims 38, Drews as modified teaches the type of security 
check comprises one of a security check to enforce type safety, a security check to 
enforce flow control safety, a security check to enforce memory safety, a security check 
to enforce stack safety, a security check to enforce device encapsulation, and a security 
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check to enforce prevention of specific forms of harm (Kozen, page 3, control flow, 
memory, stack safety). 

18. With regards to claims 39, Drews as modified teaches verifying the safety of 
the boot code occurs inline such that verifying the safety of the boot code occurs in real 
time prior to executing the boot code (Drews, column 3 lines 7-25, pre-boot operation 
state). 

19. With regards to claim 41, Drews as modified teaches the peripheral device 
comprises one of a graphic device, network controller, and storage controller (Ong, 
paragraph 0025, stores sensitive data). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L. Nalven whose telephone number is 571 272 
3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




